Skip to main content
CVE-2016-4657 HIGH POC KEV THREAT Act Now

WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Memory Corruption Denial Of Service RCE Apple
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
77.1%
Threat
7.1
CVE-2016-4656 HIGH POC KEV THREAT Act Now

The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Memory Corruption Denial Of Service RCE Apple
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
66.7%
Threat
6.6
CVE-2016-4069 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Denial Of Service Leap Webmail
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2016-6369 HIGH This Week

Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Anyconnect Secure Mobility Client
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-5673 HIGH This Week

UltraVNC Repeater before 1300 does not restrict destination IP addresses or TCP ports, which allows remote attackers to obtain open-proxy functionality by using a :: substring in between the IP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Repeater
NVD
CVSS 3.0
7.5
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy